@dguido @laparisa @halvarflake This is an old problem right?
@dlitchfield -> SQL-Slammer.
Disclosure choices scare me less than regulation
@laparisa @haroonmeer @halvarflake @dlitchfield original source of research for exploits used in the wild. Tavis is the shining example here
-
-
@dguido@haroonmeer@halvarflake@dlitchfield how are you factoring in the r/d that neutered exploits?@taviso@scarybeasts@benhawkes -
@laparisa@haroonmeer@halvarflake I think you're comparing apples to oranges. I'm not taking a position, I'm just stating some facts... -
@laparisa@haroonmeer@halvarflake attackers won't do r&d on new attacks if they get handed them for free, and Google is prob #1 producer. -
@laparisa@haroonmeer@halvarflake you can verify cause and effect w/ VT, AV DBs, FPC, etc. Before disc: 0 incidents of occurrence [99%]... -
@laparisa@haroonmeer@halvarflake after disc: targeted attacks + mass exploitation using now public knowledge. Tavis' Java exps great ex.
End of conversation
New conversation -
-
-
@laparisa@haroonmeer@halvarflake@dlitchfield trend started back in ~09 and several others have kept up with it: https://www.trailofbits.com/resources/exploit_intelligence_project_2_slides.pdf … - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.